The present invention concerns in general terms any electronic data processing means in which data have to be processed by means of a secret key.
For example, the data processing concerns an enciphering of the data according to a predetermined enciphering algorithm. The data are enciphered block by block. For each data block, the secret key constitutes the enciphering key and is applied to the algorithm with the data block in order to produce enciphered data.
The data processing means, in general a microcontroller, for example included in a terminal or in a smart card, contains a read only memory in which the enciphering key is prestored when the processing means is manufactured.
To take cognisance of the data which are enciphered, it is known that an attacker, an ill-intentioned person, seeks to read the enciphering key in the processing means, or to make an analysis of the electrical consumption by connecting a voltage-measuring apparatus to the electrical interface between the processing means and the outside world, or at a bus internal to the processing means when it is accessible.
So as to guard against such an attack, it is known how to apply a first random number and the enciphering key to a predetermined logic function in order to produce a processing key so as to execute the enciphering algorithm with this processing key. Thus, each time a data block is to be enciphered, a first random number is generated and an enciphering key is produced different from the enciphering keys for the previous encipherings. This enciphering method makes it much more difficult for an attacker to seek the enciphering key, since the processing key used at each enciphering is by nature random.
However, this known method manipulates the enciphering key in clear in the memory of the processing means.